Conventional technologies that are provided at the kernel level include kernel protection mechanisms. Kernel protection mechanisms allow enforcement of kernel protection measures that prevent portions of the kernel from being executed and/or modified. These mechanisms are useful for thwarting at least some malware and helping to safeguard the integrity of the kernel.
One issue that has arisen is that these kernel protection mechanisms are not compatible with other technologies that require write and/or execute access to the kernel. That is, the kernel protection mechanisms may render other technologies inoperable. For example, the kernel protection mechanisms may prevent particular features from being executed. These issues may result in the kernel protection mechanisms being impractical for use in production environments.
Accordingly, while kernel protection mechanisms may be helpful in some ways, they may also counter useful features that allow users to perform beneficial activities, such as by preventing collection of kernel data responsive to a kernel crash. It would be advantageous to allow the kernel data to be collected, while at the same time allowing kernel protection mechanisms to be implemented. The techniques provided herein offer kernel data collection features in a protected kernel environment.
Embodiments of the present disclosure and their advantages are best understood by referring to the detailed description that follows.